research-article

Tampering with the Delivery of Blocks and Transactions in Bitcoin

Authors:

Arthur Gervais,

Hubert Ritzdorf,

Ghassan O. Karame,

Srdjan CapkunAuthors Info & Claims

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

Pages 692 - 705

https://doi.org/10.1145/2810103.2813655

Published: 12 October 2015 Publication History

Abstract

Given the increasing adoption of Bitcoin, the number of transactions and the block sizes within the system are only expected to increase. To sustain its correct operation in spite of its ever-increasing use, Bitcoin implements a number of necessary optimizations and scalability measures. These measures limit the amount of information broadcast in the system to the minimum necessary. In this paper, we show that current scalability measures adopted by Bitcoin come at odds with the security of the system. More specifically, we show that an adversary can exploit these measures in order to effectively delay the propagation of transactions and blocks to specific nodes for a considerable amount of time---without causing a network partitioning in the system. Notice that this attack alters the information received by Bitcoin nodes, and modifies their views of the ledger state. Namely, we show that this allows the adversary to considerably increase its mining advantage in the network, and to double-spend transactions in spite of the current countermeasures adopted by Bitcoin. Based on our results, we propose a number of countermeasures in order to enhance the security of Bitcoin without deteriorating its scalability.

References

[1]

Bitcoin Wiki, Available from https://en.bitcoin.it/wiki/.

[2]

Bitcoin dev commit 4547: prevent peer flooding request queue for an inv, 2015. Available from: https://github.com/bitcoin/bitcoin/pull/4547.

[3]

Bitcoin dev commit 4831: net: Better askfor request management, 2015. Available from: https://github.com/bitcoin/bitcoin/pull/4831.

[4]

Bitcoin Mailing List - Peter Todd about how many pools use an additional relay network, 2015. Available from: http://sourceforge.net/p/bitcoin/mailman/message/34152876/.

[5]

Bitcoin market cap, 2015. Available from: https://blockchain.info/charts/market-cap.

[6]

Bitcoin Relay Network, 2015. Available from: http://bitcoinrelaynetwork.org/.

[7]

Bitcoin XT, 2015. Available from: https://github.com/bitcoinxt/bitcoinxt.

[8]

Double spending in Bitcoin, 2015. Available from: https://medium.com/@octskyward/double-spending-in-bitcoin-be0f1d1e8008%.

[9]

Stress Test Prepares VisaNet for the Most Wonderful Time of the Year, 2015. Available from: http://goo.gl/hba0oh.

[10]

S. Barber, X. Boyen, E. Shi, and E. Uzun. Bitter to Better - How to Make Bitcoin a Better Currency. In Proceedings of Financial Cryptography and Data Security, 2012.

[11]

Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten. Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. In 2015 IEEE Symposium on Security and Privacy, May 2015.

[12]

Nicolas T. Courtois and Lear Bahack. On subversive miner strategies and block withholding attack in bitcoin digital currency. CoRR, abs/1402.1718, 2014.

[13]

C. Decker and R. Wattenhofer. Information Propagation in the Bitcoin Network. In 13-th IEEE International Conference on Peer-to-Peer Computing, 2013.

[14]

Bitcoin exchanges, 2013. Available from: https://en.bitcoin.it/wiki/Exchanges.

[15]

Ittay Eyal and Emin Gün Sirer. Majority is not enough: Bitcoin mining is vulnerable. In Financial Cryptography and Data Security, pages 436--454. Springer, 2014.

[16]

The Finney Attack, 2013. Available from: https://en.bitcoin.it/wiki/Weaknesses#The_.22Finney.22_attack.

[17]

Arthur Gervais, Ghassan Karame, Srdjan Capkun, and Vedran Capkun. Is bitcoin a decentralized currency? In IEEE Security and Privacy, 2014.

[18]

Arthur Gervais, Ghassan O. Karame, Damian Gruber, and Srdjan Capkun. On the privacy provisions of bloom filters in lightweight bitcoin clients. In Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, LA, USA, December 8--12, 2014, 2014.

Digital Library

[19]

E. Heilman, A. Kendler, A. Zohar, and S. Goldberg. Eclipse attacks on bitcoin's peer-to-peer network. 2015.

[20]

Ghassan O. Karame, Elli Androulaki, and Srdjan Capkun. Double-spending fast payments in bitcoin. In Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, New York, NY, USA, 2012. ACM.

Digital Library

[21]

Ghassan O. Karame, Elli Androulaki, Marc Roeschlin, Arthur Gervais, and SrdjanvCapkun. Misbehavior in bitcoin: A study of double-spending and accountability. ACM Trans. Inf. Syst. Secur., 18(1):2:1--2:32, May 2015.

Digital Library

[22]

Andrew Miller, James Litton, Andrew Pachulski, Neal Gupta, Dave Levin, Neil Spring, and Bobby Bhattacharjee. Discovering bitcoin's public topology and influential nodes, 2015.

Cited By

Wahrstätter AErnstberger JYaish AZhou LQin KTsuchiya TSteinhorst SSvetinovic DChristin NBarczentewicz MGervais AChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Blockchain CensorshipProceedings of the ACM Web Conference 202410.1145/3589334.3645431(1632-1643)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645431
Albrecht JAndreina SArmknecht FKarame GMarson GWillingmann J(2024)Larger-scale Nakamoto-style Blockchains Don’t Necessarily Offer Better Security2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00227(2161-2179)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00227
Lu SLei CTsai M(2024)An efficient Proof-of-Authority consensus scheme against cloning attacksComputer Communications10.1016/j.comcom.2024.107975228(107975)Online publication date: Dec-2024
https://doi.org/10.1016/j.comcom.2024.107975
Show More Cited By

Index Terms

Tampering with the Delivery of Blocks and Transactions in Bitcoin
1. Security and privacy
  1. Network security

Recommendations

Misbehavior in Bitcoin: A Study of Double-Spending and Accountability

Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to resist double-spending through a distributed timestamping service. To ensure the operation and security of Bitcoin, it is essential that all transactions and their order of ...
Double-spending fast payments in bitcoin
CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to verify payments. Nowadays, Bitcoin is increasingly used in a number of fast payment scenarios, where the time between the exchange of currency and goods is short (in the ...
Double-spending prevention for Bitcoin zero-confirmation transactions

Zero-confirmation transactions, i.e. transactions that have been broadcast but are still pending to be included in the blockchain, have gained attention in order to enable fast payments in Bitcoin, shortening the time for performing payments. Fast ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

October 2015

1750 pages

ISBN:9781450338325

DOI:10.1145/2810103

General Chair:
Indrajit Ray
Colorado State University, USA
,
Program Chairs:
Ninghui Li
Purdue University, USA
,
Christopher Kruegel
University of California, Santa Barbara, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Zurich Information Security Center

Conference

CCS'15

Sponsor:

SIGSAC

CCS'15: The 22nd ACM Conference on Computer and Communications Security

October 12 - 16, 2015

Colorado, Denver, USA

Acceptance Rates

CCS '15 Paper Acceptance Rate 128 of 660 submissions, 19%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

158
Total Citations
View Citations
1,665
Total Downloads

Downloads (Last 12 months)58
Downloads (Last 6 weeks)9

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wahrstätter AErnstberger JYaish AZhou LQin KTsuchiya TSteinhorst SSvetinovic DChristin NBarczentewicz MGervais AChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Blockchain CensorshipProceedings of the ACM Web Conference 202410.1145/3589334.3645431(1632-1643)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645431
Albrecht JAndreina SArmknecht FKarame GMarson GWillingmann J(2024)Larger-scale Nakamoto-style Blockchains Don’t Necessarily Offer Better Security2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00227(2161-2179)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00227
Lu SLei CTsai M(2024)An efficient Proof-of-Authority consensus scheme against cloning attacksComputer Communications10.1016/j.comcom.2024.107975228(107975)Online publication date: Dec-2024
https://doi.org/10.1016/j.comcom.2024.107975
Drakatos PCosta CKonstantinidis AChrysanthis PZeinalipour-Yazti D(2024)A blockchain datastore for scalable IoT workloads using data decayingDistributed and Parallel Databases10.1007/s10619-024-07441-942:3(403-445)Online publication date: 10-May-2024
https://dl.acm.org/doi/10.1007/s10619-024-07441-9
Liu-Zhang CMatt CThomsen S(2024)Asymptotically Optimal Message Dissemination with Applications to BlockchainsAdvances in Cryptology – EUROCRYPT 202410.1007/978-3-031-58734-4_3(64-95)Online publication date: 26-May-2024
https://dl.acm.org/doi/10.1007/978-3-031-58734-4_3
Li SShi SXiao YZhang CHou YLou W(2024)Bijack: Breaking Bitcoin Network with TCP VulnerabilitiesComputer Security – ESORICS 202310.1007/978-3-031-51479-1_16(306-326)Online publication date: 12-Jan-2024
https://doi.org/10.1007/978-3-031-51479-1_16
Liu YJu FZhang QZhang MMa ZLi MYang ALiu F(2023)Overview of Internet of Medical Things Security Based on Blockchain Access ControlJournal of Database Management10.4018/JDM.32154534:3(1-20)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.4018/JDM.321545
Mao YVenkatakrishnan S(2023)Less Is More: Understanding Network Bias in Proof-of-Work BlockchainsMathematics10.3390/math1123474111:23(4741)Online publication date: 23-Nov-2023
https://doi.org/10.3390/math11234741
Zhou CXing LLiu QLi Y(2023)System-Level Dependability Analysis of Bitcoin under Eclipse and 51% AttacksInternational Journal of Mathematical, Engineering and Management Sciences10.33889/IJMEMS.2023.8.4.0318:4(547-559)Online publication date: 1-Aug-2023
https://doi.org/10.33889/IJMEMS.2023.8.4.031
Nasrulin BIshmaev GDecouchant JPouwelse J(2023)LOProceedings of the 24th International Middleware Conference10.1145/3590140.3629108(98-110)Online publication date: 27-Nov-2023
https://dl.acm.org/doi/10.1145/3590140.3629108
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents